Drag
Trust Centre

Security

Research

Our approach to security is based on our own academic research, both in-house and in collaboration with academic institutions.

This validates the Visma Security Program, and ensures that Visma is at the cutting edge when it comes to security.

We also regularly do talks, presentations and lectures at universities, conferences and with our peers in other companies and for our customers.

Here is some of the work we have done:

Scientific articles

Monica Iovan, Daniela Soares Cruzes:

Data-Driven Improvement of Static Application Security Testing Service: An Experience Report in Visma.

PROFES 2022: Product-Focused Software Process Improvement 14 nov. 2022

Karin Bernsmed, Daniela Soares Cruzes, Martin Gilje Jaatun, Monica Iovan:

Adopting threat modelling in agile software development projects

J. Syst. Softw. 183: 111090 (2022)

Monica Iovan, Daniela Soares Cruzes, Espen Agnalt Johansen:

Empowerment of Security Engineers through Security Chartering in Visma

Agile Alliance 10 iun. 2020

Security

Master thesis in Visma

As coadvisors, we will support and guide master students throughout their academic journey. We provide academic assistance, research guidance, and valuable feedback on their work.

We facilitate networking opportunities and help students navigate their chosen field. Together, we aim to foster their growth, develop their skills, and empower them to succeed in their research endeavors and future careers.

This year we focus on:

  • Security vulnerabilities occurrence and management in third-party libraries
  • Measuring the adoption and effective implementation of an application security program
  • Software supply chain threat analysis
  • Threat Analysis for Cloud Infrastructure
  • Security Technical Debt

Some of our previous master thesis:

Elmer Häyrynen - Lappeenranta–Lahti University of Technology LUT, 2021

Analysis of a software security self-assessment tool: Case company: Visma

Eivind Nes Fossum - Norwegian University of Science and Technology, 2022

Intelligence for cybercrime prevention: A study of stakeholders’ needs for actionable intelligence

Aalvik Hege - Norwegian University of Science and Technology, 2022

Towards an Effective Security Champions Program

Kristoffer Håkon Håkonsen - Norwegian University of Science and Technology, 2022

Triggering threat modeling in agile development

Maren Maritsdatter Kruke - University of Oslo, 2022

Security Debt in Practice: A Qualitative Case Study

Matti Paavilainen - Jyväskylä: JAMK University of Applied Sciences, 2022

Applying onboarding theory on the security champion program

Sandra Liabø - University of Oslo, 2022

Comparing prioritization and visualization of technical debt and security debt: A Design Science Research study

Contact us

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Lead Security Researcher and Professor at the Norwegian University of Science and Technology (NTNU)

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Head of Security Research, Design and Development in Visma

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Security Engineering Manager and Senior Infrastructure Engineer in Visma

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Security Research Engineer and Senior Infrastructure Engineer in Visma

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Security Business Analyst in Visma